<?php
if(KT!='KhiThe') exit;
class users_model extends khithe_mysql{

	public function getUsers($page,$limit)
	{
		if($limit!=''){
			$page=($page==''?1:$page);
			$start = ($page - 1)* $limit; 
			$strlimit = "LIMIT $start, $limit";
		}
		else{
			$strlimit ='';
		}
		
		$select = "SELECT * FROM ".users." ORDER BY `Username` ASC ".$strlimit." ";
		$result = parent::SelectMySQL($select);
		parent::CloseConnection();
		return$result; 
	}public function getUserID($ID){
		
		$ID = parent::checkStrMySQL($ID);
		$select = "SELECT * FROM ".users." WHERE ID = '".$ID."'";
		$result= parent::SelectMySQL($select);
		parent::CloseConnection();
		return $result;
	}public function setCheckedUser($ID,$Val)
	{
		$ID = parent::checkStrMySQL($ID);
		$update = "UPDATE ".users." SET Status='".$Val."'  WHERE ID = '".$ID."'";
		parent::CloseConnection();
		return parent::UpdateInsertMySQL($update);
	}public function delCheckedUser($ID)
	{
		$ID = parent::checkStrMySQL($ID);
		$del = "DELETE FROM ".users." WHERE ID='".$ID."' ";
		parent::CloseConnection();
		return parent::DeleteMySQL($del);
	}public function getUsername($username)
	{
		$Mail = parent::checkStrMySQL($Mail);
		$select = "SELECT * FROM ".users." WHERE Username = '".$username."'";
		$resultSql= parent::SelectMySQL($select);
		$total = mysql_num_rows($resultSql);
		parent::CloseConnection();
		return $total;
	}public function getMail($Mail)
	{
		$Mail = parent::checkStrMySQL($Mail);
		$select = "SELECT * FROM ".users." WHERE Email = '".$Mail."'";
		$resultSql= parent::SelectMySQL($select);
		$total = mysql_num_rows($resultSql);
		parent::CloseConnection();
		return $total;
	}public function updateInsertUser($_POST)
	{
		$ID = parent::checkStrMySQL($_POST['usersID']);
		$Username = parent::checkStrMySQL($_POST['txt_users']);
		$Password = trim($_POST['txt_pass']);
		$Mod = parent::checkStrMySQL($_POST['mod']);
		$Fullname = parent::checkStrMySQL($_POST['txt_Fullname']);
		$Email = parent::checkStrMySQL($_POST['txt_Email']);
		$Yahoo = parent::checkStrMySQL($_POST['txt_Yahoo']);
		$arrYahoo = explode('@',$Yahoo);
		$YahooMe = $arrYahoo[0];
		$Phone = parent::checkStrMySQL($_POST['txt_Phone']);
		$Mobi = parent::checkStrMySQL($_POST['txt_Mobi']);
		$CMND = parent::checkStrMySQL($_POST['txt_CMND']);
		$Address = parent::checkStrMySQL($_POST['txt_Address']);
		
		$pass = $Password==''?"":" `Password`= '".md5($Password)."', ";
		
		if($_POST['acUser']=='edit'){
			$query = "UPDATE ".users." SET Username='".$Username."', ".$pass." `Mod`='".$Mod."',Fullname='".$Fullname."',Phone='".$Phone."',Email='".$Email."',YahooChat='".$YahooMe."', Mobi='".$Mobi."',CMND='".$CMND."',Address='".$Address."' WHERE ID = '".trim($ID)."'";
		
		}else if($_POST['acUser']=='add'){
			$query = "INSERT INTO ".users."(Username,`Password`,`Mod`,Fullname,Phone,Email,YahooChat,Mobi,CMND,Address,`Status`)
			VALUES('".$Username."','".md5($Password)."','".$Mod."','".$Fullname."','".$Phone."','".$Email."','".$YahooMe."','".$Mobi."','".$CMND."','".$Address."', 'true')";
		}
		
		parent::CloseConnection();
		return parent::UpdateInsertMySQL($query);
		
	}
}
?>